Installation manual
Command Manual - QoS/ACL
Quidway S3000-EI Series Ethernet Switches Chapter 1 ACL Commands
Huawei Technologies Proprietary
1-8
undo rule rule-id [ destination | destination-port | dscp | fragment | icmp-type |
precedence | source | source-port | time-range | tos ]*
III. define/delete a rule for link acl
rule [ rule-id ] { permit | deny } [ protocol ] [ cos vlan-pri ] [ ingress { { { source-vlan-id
| source-mac-addr source-mac-wildcard } | interface { interface-name | interface-type
interface-num } }* | any } ] [ egress { { dest-mac-addr dest-mac-wildcard | interface
{ interface-name | interface-type interface-num } }* | any } ] [ time-range name ]
undo rule rule-id
IV. define/delete a rule for user-defined acl
rule [ rule-id ] { permit | deny } { rule-string rule-mask offset }&<1-8> [ time-range
name ]
undo rule rule-id
View
ACL view
Parameter
rule-id: Specifies a rule of an ACL with a number in the range of 0 to 127.
permit: Indicates to let the matched packets through.
deny: Indicates to reject the matched packets to pass through.
time-range name: Name of a time range, during which a rule takes effect.
Note:
The following parameters are attributes carried by the data packets. The ACL rules are
defined according to the values of these parameters.
z The parameter for define a basic ACL
source-addr wildcard | any: source-addr wildcard is the source IP address and source
address wildcard, expressed in dotted decimal notation. any represents any source
address.
fragment: Indicates that the rule takes effect on fragmented packets only and will be
ignored for other packets.
z The parameter of advanced ACL
protocol: This parameter is to define protocol type, which can be indicated by name, or
digit. This parameter can be icmp, igmp, tcp, udp, ip, gre, ospf or ipinip. If this